Vulnerabilities > Qemu > Qemu > 6.2.0.7
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-07-11 | CVE-2022-35414 | Use of Uninitialized Resource vulnerability in multiple products softmmu/physmem.c in QEMU through 7.0.0 can perform an uninitialized read on the translate_fail path, leading to an io_readx or io_writex crash. | 8.8 |
| 2022-05-11 | CVE-2021-3611 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A stack overflow vulnerability was found in the Intel HD Audio device (intel-hda) of QEMU. | 6.5 |
| 2022-05-02 | CVE-2021-3750 | Use After Free vulnerability in multiple products A DMA reentrancy issue was found in the USB EHCI controller emulation of QEMU. | 8.2 |
| 2022-04-29 | CVE-2021-4206 | Incorrect Calculation of Buffer Size vulnerability in multiple products A flaw was found in the QXL display device emulation in QEMU. | 8.2 |
| 2022-04-29 | CVE-2021-4207 | Classic Buffer Overflow vulnerability in multiple products A flaw was found in the QXL display device emulation in QEMU. | 8.2 |
| 2021-06-02 | CVE-2021-3544 | Memory Leak vulnerability in multiple products Several memory leaks were found in the virtio vhost-user GPU device (vhost-user-gpu) of QEMU in versions up to and including 6.0. | 6.5 |
| 2021-06-02 | CVE-2021-3545 | Use of Uninitialized Resource vulnerability in multiple products An information disclosure vulnerability was found in the virtio vhost-user GPU device (vhost-user-gpu) of QEMU in versions up to and including 6.0. | 6.5 |
| 2021-06-02 | CVE-2021-3546 | Out-of-bounds Write vulnerability in multiple products An out-of-bounds write vulnerability was found in the virtio vhost-user GPU device (vhost-user-gpu) of QEMU in versions up to and including 6.0. | 8.2 |
| 2021-05-28 | CVE-2020-35504 | NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference flaw was found in the SCSI emulation support of QEMU in versions before 6.0.0. | 2.1 |
| 2021-05-28 | CVE-2020-35505 | NULL Pointer Dereference vulnerability in multiple products A NULL pointer dereference flaw was found in the am53c974 SCSI host bus adapter emulation of QEMU in versions before 6.0.0. | 2.1 |